Cyber tensions rise around the Arabian Gulf. Palo Alto Networks reports on an espionage campaign, “OilRig,” deploying the Helminth backdoor against targets in Saudi Arabia’s banking and defense sectors. Helminth’s command-and-control infrastructure contains clues suggesting Iranian origin. Iran says its Statistics Centre sustained an unspecified cyber attack traceable to Saudi IP addresses.
The Russia-linked PawnStorm/Sofacy cyber espionage group is said to be newly active against targets in Finland, especially those targets showing an interest in Russian operations in Ukraine and Syria.
Symantec says it’s found evidence pointing to North Korean involvement in the Bangladesh Bank theft and similar attempts on banks in other Asian countries. Investigators in Bangladesh render their report to the Finance Ministry. They take care not to absolve SWIFT, but they now say an insider may have been involved. Banks around the world continue to work with SWIFT and various national standards bodies to shore up the security of funds transfers.
Old social media data breaches continue to trouble users. About 360 million MySpace credentials have turned up for sale on the dark web, as have 65 million Tumblr user emails and passwords. In both cases the data were lost in breaches that occurred a few years ago.
Check Point reports vulnerabilities in widely used LG Android devices.
IBM warns of “bug poaching.” Criminals hack into a network, and then offer to explain the vulnerability they exploited in exchange for payment. Asks are running at around $30,000.
Industry observers see high, but newly selective, VC interest in cyber.